package com.jk.controller.admin;

import java.util.HashMap;
import java.util.Map;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import com.jk.controller.BaseController;
import com.jk.pojo.Admin;
import com.jk.service.AdminService;
import com.jk.util.MD5Encrypt;
import com.jk.util.SessionUtil;
/**
 * 
 * @author cuiP
 * 
 */
@Controller
@RequestMapping("/admin/login/")
public class LoginController extends BaseController {

	private static final String JSP_PATH = "/login/";
	
	@Resource
	private AdminService adminService;
	
	/**
	 * 跳转到登陆页面
	 * @param request
	 * @param modelMap
	 * @return
	 */
	@RequestMapping("toLogin.do")
	public String toLogin(HttpServletRequest request,ModelMap modelMap){
		return JSP_PATH+"login";
	}
	
	/**
	 * 登陆
	 * @param request
	 * @param modelMap
	 * @return
	 */
	@RequestMapping(value="login.do",method=RequestMethod.POST)
	public String login(HttpServletRequest request,HttpSession session,ModelMap modelMap){
		
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		String imgCode = request.getParameter("imgCode");
		String sessionImgCode = session.getAttribute("img")+"";
		
		String message = "";
		try {
			
			if(StringUtils.isNotEmpty(imgCode) && !imgCode.equalsIgnoreCase(sessionImgCode)){
				message = "验证码错误!";
				modelMap.put("message", message);
				return JSP_PATH+"login";
			}
			
			Subject currentUser = SecurityUtils.getSubject();
			UsernamePasswordToken token = new UsernamePasswordToken(username, password);
			token.setRememberMe(true);
			currentUser.login(token);
		} catch (UnknownAccountException e) {
			message = "账号不存在!";
			modelMap.put("message", message);
			return JSP_PATH+"login";
		} catch (IncorrectCredentialsException e) {
			message = "密码错误!";
			modelMap.put("message", message);
			return JSP_PATH+"login";
		} catch (LockedAccountException e) {
			message = "账号已经锁定!";
			modelMap.put("message", message);
			return JSP_PATH+"login";
		} catch (AuthenticationException e) {
			message = "身份验证失败!";
			modelMap.put("message", message);
			return JSP_PATH+"login";
		}
		return "redirect:/admin/index.do";
	}
	
	
	/**
	 * 登陆
	 * @param request
	 * @param modelMap
	 * @return
	 */
//	@RequestMapping(value="login.do",method=RequestMethod.POST)
//	public String login(HttpServletRequest request,HttpSession session,ModelMap modelMap){
//		
//		String username = request.getParameter("username");
//		String password = request.getParameter("password");
//		String imgCode = request.getParameter("imgCode");
//		String sessionImgCode = session.getAttribute("img")+"";
//		
//		String message = "";
//		try {
//			
//			if(StringUtils.isNotEmpty(imgCode) && !imgCode.equalsIgnoreCase(sessionImgCode)){
//				message = "验证码错误!";
//				modelMap.put("message", message);
//				return JSP_PATH+"login";
//			}
//			
//			Admin admin = new Admin();
//			admin.setUsername(username);
//			Subject currentUser = SecurityUtils.getSubject();
//			
//			UsernamePasswordToken token = new UsernamePasswordToken(username, password);
//			currentUser.login(token);
//			Admin record = adminService.queryOne(admin);
//			
//			if(record == null){
//				message = "账号不存在!";
//				modelMap.put("message", message);
//				return JSP_PATH+"login";
//			}
//			//前台用户不允许访问
//			if(Integer.valueOf(2).equals(record.getType())){
//				message = "当前用户没有权限!";
//				modelMap.put("message", message);
//				return JSP_PATH+"login";
//			}
			//判断用户状态
//			if(!record.getStatus()){
//				message = "当前用户已停用,请联系管理员!";
//				modelMap.put("message", message);
//				return JSP_PATH+"login";
//			}
//			if(!MD5Encrypt.MD5Encode(password).equals(record.getPassword())){
//				message = "密码错误!";
//				modelMap.put("message", message);
//				return JSP_PATH+"login";
//			}
//			
//			session.setAttribute(SessionUtil.getSessionAdmin(), record);
			
//		} catch (Exception e) {
//			e.printStackTrace();
//			message = "系统出错!";
//			modelMap.put("message", message);
//			return JSP_PATH+"login";
//		}
//		return "redirect:/admin/index.do";
//	}
	
	/**
	 * 跳转到修改密码页面
	 * 
	 * @return
	 */
	@RequestMapping("/edit_password.do")
	public String modifyPassword(HttpServletRequest request,HttpSession session){
		return JSP_PATH+"edit_password";
	}
	
	/**
	 * 保存修改密码
	 * @param request
	 * @return
	 */
	@ResponseBody
	@RequestMapping(value="save_password.do",method=RequestMethod.POST)
	public Map<String, Object> save_password(HttpServletRequest request,HttpSession session){
		Map<String, Object> messageMap = new HashMap<String,Object>();
		try {
			Admin admin = (Admin) session.getAttribute(SessionUtil.getSessionAdmin());
			String password = request.getParameter("password");
			
			Admin record = adminService.queryOne(admin);
			record.setPassword(MD5Encrypt.MD5Encode(password));
			adminService.update(record);
			session.removeAttribute(SessionUtil.getSessionAdmin());
			messageMap.put("status", SUCCESS);
			messageMap.put("message","修改密码成功!");
		} catch (Exception e) {
			//e.printStackTrace();
			messageMap.put("status", FAILURE);
			messageMap.put("message","修改密码失败!");
		}
		return messageMap;
	}
	
//	/**
//	 * 退出登录
//	 * 
//	 * @return
//	 */
//	@RequestMapping("/logout.do")
//	public String logout(HttpSession session) {
////		session.removeAttribute(SessionUtil.getSessionAdmin());
//		Subject currentUser = SecurityUtils.getSubject();
//		try {
//			currentUser.logout();
//		} catch (AuthenticationException e) {
//			e.printStackTrace();
//		}
//		return "redirect:toLogin.do";
//	}
}
